Format: 1.8
Date: Fri, 27 Sep 2024 06:16:10 +0200
Source: php8.2
Binary: php8.2 php8.2-xsl
Architecture: all
Version: 8.2.24-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-grnet-03)
Changed-By: Ondřej Surý
Description:
 php8.2 - server-side, HTML-embedded scripting language (metapackage)
 php8.2-xsl - XSL module for PHP (dummy)
Changes:
 php8.2 (8.2.24-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream version 8.2.24
     + [CVE-2024-8926]: Bypass of CVE-2024-4577, Parameter Injection Vulnerability
     + [CVE-2024-8927]: cgi.force_redirect configuration is bypassable due to the environment variable collision
     + [CVE-2024-8927]: Logs from FPM children may be altered
     + [CVE-2024-8925]: Erroneous parsing of multipart form data
Checksums-Sha1:
 1a6568a7387f1d477c89e2ec150275b6e876f786 41960 php8.2-xsl_8.2.24-1~deb12u1_all.deb
 e641759d303c54b38e02a2fbf80860a795747e3c 14022 php8.2_8.2.24-1~deb12u1_all-buildd.buildinfo
 b90b96c1c780f1abb14c0b2159a1e8297c0041e1 42300 php8.2_8.2.24-1~deb12u1_all.deb
Checksums-Sha256:
 e7eb138f06faafe74876de519953dfea2bf9ca3ecb886c7fc257504571383b1e 41960 php8.2-xsl_8.2.24-1~deb12u1_all.deb
 ccdfd5c84863643517e3db60821cfa230593cd588926c4a60b5f97a9d04c96a1 14022 php8.2_8.2.24-1~deb12u1_all-buildd.buildinfo
 80c69d3846f0ef4f23857886f1b8d7682ec6188268c7f484d11a705066e16dd9 42300 php8.2_8.2.24-1~deb12u1_all.deb
Files:
 6a3b8ce0f6b24eefdc17d29a7d660a1a 41960 php optional php8.2-xsl_8.2.24-1~deb12u1_all.deb
 18dca4c59f9c185682e7b357e8106a52 14022 php optional php8.2_8.2.24-1~deb12u1_all-buildd.buildinfo
 10b67ac616b6ec239a0aca684dfdc1ea 42300 php optional php8.2_8.2.24-1~deb12u1_all.deb